Detect Vulnerable Software with Wazuh! - Let's Build A Host Intrusion Detection System

Подписаться 19 тыс.

Просмотров 11 тыс.

50% 1

Join me as we incorporate Wazuh's Vulnerability Detector to scan our hosts and alert us on vulnerable software! Let's deploy a Host Intrusion Detection System and SIEM with free open source tools. Join me as we explore and learn together.
Defend with us on Slack: bit.ly/2Pi1byt
Check us out: www.opensecure...
Interact with our demo: www.opensecure...
Hire us: www.opensecure...

Опубликовано:

29 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 21

@MeKaliLin-wq8zy 10 месяцев назад

I have an idea for a video that nobody has done. Configuring Vulnerability Detector to include unsupported systems. Particularly it would be nice to see this done on Fedora. They have a section in their manual though it would be nice to see an expert like you walk through it. Thank you

@RAZlEL7 Год назад

good movie 👍 I have a question. Can you help me. How to list agents in Wazuh, only those agents with installed Firefox? There must be some place in Wazuh where I can get a list of that. Can you tell me how to do it?

@alejandroparrello6493 Год назад

Hi Taylor What's up! A have a question, how did you do to change the theme of wazuh? The default ones burns my eyes 😅😩... nice video!! Regards from Argentina 👋 😁

@alejandroparrello6493 Год назад

@Arsquid ho!! Thank you! Where i could find it? Do you know the name of the plugg-in? 😉🤙🤙

@angelpepo 10 месяцев назад

and for windows?

@andrewa3216 2 года назад

Would like to re-produce this, but I'm not really interested in 'hacking' typoon. What is the admin password you used to login with so I can install an agent? Appreciate it.

@taylorwalton_socfortress 2 года назад

Username: typhoon password: 789456123 su - admin password: metallica Thanks for watching!

@ramsay3209 2 года назад

would you kindly tell me how to add our vulnerabilty database feeds in wazuh

@taylorwalton_socfortress 2 года назад

Hey Ram, you can look at all the available feeds here: documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/how-it-works.html Thanks for watching :)

@mochammadawaludin2073 2 года назад

why on dashboard still have view sample data...?

@taylorwalton_socfortress 2 года назад

Makes it easier to demo

@gosky7 2 года назад

nice video, now Im trying to test according to your explain. what is cedential for typhoon vm server, I couldnt find initial login info, so I couldnt install wazuh client now.

@taylorwalton_socfortress 2 года назад

Try 789456123 and then run “su - admin “command with password of “metallica”

@gosky7 2 года назад

@@taylorwalton_socfortress thank you for your answer~~

@pawelsmierciak2559 3 года назад

I have no idea what is going on but i think its not working too good. for example i have fully updated debian and Wazuh thinks that its affected with (for example) CVE-2018-7169 i think its not possible :)

@taylorwalton_socfortress 3 года назад

Hey Pawel, what software/version is it flagging on?

@pawelsmierciak2559 3 года назад

@@taylorwalton_socfortress debian 10.9

@pawelsmierciak2559 3 года назад

@@taylorwalton_socfortress base-passwd 3.5.46 passwd 1:4.5-1.1

@pawelsmierciak2559 3 года назад

@@taylorwalton_socfortress wazuh agent 4.1.5-1 and Wazuh thinks that passwd is vulnerable - CVE-2018-7169 :)

@pawelsmierciak2559 3 года назад

@@taylorwalton_socfortress what is strange on debian security tracker they say that this package is vulnerable lol - funny how its possible that its still not fixed :) cve from 2018 ?